Replace Ciphertext/multiplyInversePowerOfX with Ciphertext/multiplyPowerOfX (#249)

Author: fboemer

Benchmarks/RlweBenchmark/RlweBenchmark.swift

@@ -398,14 +398,14 @@ func ciphertextMultiplyBenchmark<Scheme: HeScheme>(_: Scheme.Type) -> () -> Void
     }
 }
 
-func ciphertextMultiplyInversePowerOfXBenchmark<Scheme: HeScheme>(_: Scheme.Type) -> () -> Void {
+func ciphertextMultiplyPowerOfXBenchmark<Scheme: HeScheme>(_: Scheme.Type) -> () -> Void {
     {
-        benchmark("CiphertextMultiplyInversePowerOfX", Scheme.self) { benchmark in
+        benchmark("CiphertextMultiplyPowerOfX", Scheme.self) { benchmark in
             let benchmarkContext: RlweBenchmarkContext<Scheme> = try StaticRlweBenchmarkContext.getBenchmarkContext()
             benchmark.startMeasurement()
             var ciphertext = try benchmarkContext.ciphertext.convertToCoeffFormat()
             for _ in benchmark.scaledIterations {
-                try blackHole(ciphertext.multiplyInversePowerOfX(power: ciphertext.context.degree / 2))
+                try blackHole(ciphertext.multiplyPowerOfX(power: -ciphertext.context.degree / 2))
             }
         }
     }
@@ -765,8 +765,8 @@ nonisolated(unsafe) let benchmarks: () -> Void = {
     ciphertextSubtractBenchmark(Bfv<UInt32>.self)()
     ciphertextSubtractBenchmark(Bfv<UInt64>.self)()
 
-    ciphertextMultiplyInversePowerOfXBenchmark(Bfv<UInt32>.self)()
-    ciphertextMultiplyInversePowerOfXBenchmark(Bfv<UInt64>.self)()
+    ciphertextMultiplyPowerOfXBenchmark(Bfv<UInt32>.self)()
+    ciphertextMultiplyPowerOfXBenchmark(Bfv<UInt64>.self)()
 
     ciphertextMultiplyBenchmark(Bfv<UInt32>.self)()
     ciphertextMultiplyBenchmark(Bfv<UInt64>.self)()

Sources/HomomorphicEncryption/Array2d.swift

@@ -183,17 +183,27 @@ extension Array2d {
 }
 
 extension Array2d {
-    // rotate every `range` elements left by `step` elements
+    /// Rotate columns.
+    /// - Parameter step: Negative step indicates a left rotation. Positive step indicates a right rotation.
+    /// - Warning: L:eaks `step` through timing.
     @inlinable
-    mutating func rotate(range: Int, step: Int) throws {
-        guard columnCount.isMultiple(of: range) else {
-            throw HeError.invalidRotationParameter(range: range, columnCount: data.count)
+    mutating func rotateColumns(by step: Int) throws {
+        let effectiveStep = step.toRemainder(columnCount, variableTime: true)
+        if effectiveStep == 0 {
+            return
         }
-
-        let effectiveStep = step.toRemainder(range, variableTime: true)
-        for index in stride(from: 0, to: data.count, by: range) {
-            let replacement = data[index + effectiveStep..<index + range] + data[index..<index + effectiveStep]
-            data.replaceSubrange(index..<index + range, with: replacement)
+        if effectiveStep < 0 {
+            for index in stride(from: 0, to: data.count, by: columnCount) {
+                let replacement = data[index - effectiveStep..<index + columnCount] +
+                    data[index..<index - effectiveStep]
+                data.replaceSubrange(index..<index + columnCount, with: replacement)
+            }
+        } else {
+            for index in stride(from: 0, to: data.count, by: columnCount) {
+                let cutoff = index + columnCount - effectiveStep
+                let replacement = data[cutoff..<index + columnCount] + data[index..<cutoff]
+                data.replaceSubrange(index..<index + columnCount, with: replacement)
+            }
         }
     }
 

Sources/HomomorphicEncryption/Ciphertext.swift

@@ -499,14 +499,13 @@ extension Ciphertext {
 }
 
 extension Ciphertext where Format == Coeff {
-    /// Computes `ciphertext * x^{-power}`.
+    /// Computes `ciphertext * x^{power}`.
     ///
-    /// - Parameter power: Power in the monomial; must be positive.
-    /// - Throws: Error upon failure to compute the inverse.
+    /// - Parameter power: Power in the monomial
+    /// - Throws: Error upon failure to compute.
     @inlinable
-    public mutating func multiplyInversePowerOfX(power: Int) throws {
-        precondition(power >= 0)
-        try Scheme.multiplyInversePowerOfX(&self, power: power)
+    public mutating func multiplyPowerOfX(power: Int) throws {
+        try Scheme.multiplyPowerOfX(&self, power: power)
     }
 }
 

Sources/HomomorphicEncryption/HeScheme.swift

@@ -993,17 +993,17 @@ public protocol HeScheme: Sendable {
     static func noiseBudgetEval(of ciphertext: EvalCiphertext, using secretKey: SecretKey, variableTime: Bool) throws
         -> Double
 
-    /// Computes `ciphertext * x^{-power}`.
+    /// Computes `ciphertext * x^{power}`.
     ///
     /// - Parameters:
     ///  - ciphertext: ciphertext to be multiplied.
-    ///  - power: Power in the monomial; must be positive.
-    /// - Throws: Error upon failure to compute the inverse.
-    /// - seealso: ``HeScheme/multiplyInversePowerOfXAsync(_:power:)``  for an async version of this API
-    static func multiplyInversePowerOfX(_ ciphertext: inout CoeffCiphertext, power: Int) throws
+    ///  - power: Power in the monomial.
+    /// - Throws: Error upon failure to compute.
+    /// - seealso: ``HeScheme/multiplyPowerOfXAsync(_:power:)``  for an async version of this API.
+    static func multiplyPowerOfX(_ ciphertext: inout CoeffCiphertext, power: Int) throws
 
-    /// The async version of ``HeScheme/multiplyInversePowerOfX(_:power:)``.
-    static func multiplyInversePowerOfXAsync(_ ciphertext: inout CoeffCiphertext, power: Int) async throws
+    /// The async version of ``HeScheme/multiplyPowerOfX(_:power:)``.
+    static func multiplyPowerOfXAsync(_ ciphertext: inout CoeffCiphertext, power: Int) async throws
 }
 
 /// Codify different HE schemes.
@@ -1021,10 +1021,9 @@ public enum HeCryptoSystem: String {
 extension HeScheme {
     @inlinable
     // swiftlint:disable:next missing_docs attributes
-    public static func multiplyInversePowerOfX(_ ciphertext: inout CoeffCiphertext, power: Int) throws {
-        precondition(power >= 0)
+    public static func multiplyPowerOfX(_ ciphertext: inout CoeffCiphertext, power: Int) throws {
         for index in ciphertext.polys.indices {
-            try ciphertext.polys[index].multiplyInversePowerOfX(power)
+            try ciphertext.polys[index].multiplyPowerOfX(power)
         }
     }
 }

Sources/HomomorphicEncryption/HeSchemeAsync.swift

@@ -221,8 +221,8 @@ extension HeScheme {
     }
 
     @inlinable
-    public static func multiplyInversePowerOfXAsync(_ ciphertext: inout CoeffCiphertext, power: Int) async throws {
-        try multiplyInversePowerOfX(&ciphertext, power: power)
+    public static func multiplyPowerOfXAsync(_ ciphertext: inout CoeffCiphertext, power: Int) async throws {
+        try multiplyPowerOfX(&ciphertext, power: power)
     }
     // swiftlint:enable missing_docs
 }

Sources/HomomorphicEncryption/PolyRq/PolyRq.swift

@@ -408,22 +408,28 @@ extension PolyRq where F == Coeff {
 
 extension PolyRq where F == Coeff {
     @inlinable
-    mutating func multiplyInversePowerOfX(_ power: Int) throws {
-        precondition(power >= 0)
-        let effectiveStep = power % (degree &<< 1)
-        if effectiveStep == 0 {
-            return
+    mutating func multiplyPowerOfX(_ power: Int) throws {
+        // Calculate effective step once, handling both positive and negative powers
+        let twiceDegree = degree &<< 1
+        let absEffectiveStep = abs(power) % twiceDegree
+
+        if absEffectiveStep == 0 {
+            return // No change needed for powers that are multiples of 2*degree
+        }
+
+        // Determine rotation direction and effective step based on power sign
+        let rotationStep = power < 0 ? -absEffectiveStep : absEffectiveStep
+        try data.rotateColumns(by: rotationStep % degree)
+
+        let negateColumns = switch (power < 0, absEffectiveStep < degree) {
+        case (true, true): (degree &- absEffectiveStep)..<degree
+        case (true, false): 0..<(twiceDegree &- absEffectiveStep)
+        case (false, true): 0..<absEffectiveStep
+        case (false, false): (absEffectiveStep &- degree)..<degree
         }
-        try data.rotate(range: degree, step: effectiveStep)
         for (rowIndex, modulus) in moduli.enumerated() {
-            if effectiveStep < degree {
-                for columnIndex in degree &- effectiveStep..<degree {
-                    data[rowIndex, columnIndex] = data[rowIndex, columnIndex].negateMod(modulus: modulus)
-                }
-            } else {
-                for columnIndex in 0..<(degree &<< 1) &- effectiveStep {
-                    data[rowIndex, columnIndex] = data[rowIndex, columnIndex].negateMod(modulus: modulus)
-                }
+            for columnIndex in negateColumns {
+                data[rowIndex, columnIndex] = data[rowIndex, columnIndex].negateMod(modulus: modulus)
             }
         }
     }

Sources/PrivateInformationRetrieval/IndexPir/PirUtil.swift

@@ -99,7 +99,7 @@ extension PirUtilProtocol {
         var difference = ciphertext
         try await Scheme.subAssignAsync(&difference, c1)
         var differenceCoeff = try await difference.convertToCoeffFormat()
-        try await Scheme.multiplyInversePowerOfXAsync(&differenceCoeff, power: shiftingPower)
+        try await Scheme.multiplyPowerOfXAsync(&differenceCoeff, power: -shiftingPower)
         let differenceCanonical = try await differenceCoeff.convertToCanonicalFormat()
         try await Scheme.addAssignAsync(&c1, ciphertext)
         return (c1, differenceCanonical)

Sources/_TestUtilities/HeApiTestUtils.swift

@@ -1376,34 +1376,68 @@ public enum HeAPITestHelpers {
 
     /// Testing multiply inverse power of x.
     @inlinable
-    public static func multiplyInverseTest<Scheme: HeScheme>(
+    public static func multiplyPowerOfXTest<Scheme: HeScheme>(
         context: Scheme.Context,
         scheme _: Scheme.Type) async throws
     {
         let testEnv = try HeAPITestHelpers.TestEnv<Scheme>(context: context, format: .coefficient)
 
-        var coeffCiphertext1 = try await testEnv.ciphertext1.convertToCoeffFormat()
-        var coeffCiphertext2 = coeffCiphertext1
-        var coeffCiphertext3 = coeffCiphertext1
-        var coeffCiphertext4 = coeffCiphertext1
+        var coeffCiphertext = try await testEnv.ciphertext1.convertToCoeffFormat()
+        var coeffCiphertexts = Array(repeating: coeffCiphertext, count: 8)
         let degree = context.degree
         let plaintextModulus = context.plaintextModulus
+
+        try Scheme.multiplyPowerOfX(&coeffCiphertext, power: 0)
+        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertext, format: .coefficient, expected: testEnv.data1)
+
         let power1 = Int.random(in: 0..<degree)
+        try Scheme.multiplyPowerOfX(&coeffCiphertexts[0], power: power1)
+        try await Scheme.multiplyPowerOfXAsync(&coeffCiphertexts[1], power: power1)
+
+        try Scheme.multiplyPowerOfX(&coeffCiphertexts[2], power: -power1)
+        try await Scheme.multiplyPowerOfXAsync(&coeffCiphertexts[3], power: -power1)
+
         let power2 = Int.random(in: degree..<(degree << 1))
-        try Scheme.multiplyInversePowerOfX(&coeffCiphertext1, power: power1)
-        try Scheme.multiplyInversePowerOfX(&coeffCiphertext2, power: power2)
-        try await Scheme.multiplyInversePowerOfXAsync(&coeffCiphertext3, power: power1)
-        try await Scheme.multiplyInversePowerOfXAsync(&coeffCiphertext4, power: power2)
 
-        let expectedData1 = Array(testEnv.data1[power1..<degree] + testEnv.data1[0..<power1]
+        try Scheme.multiplyPowerOfX(&coeffCiphertexts[4], power: power2)
+        try await Scheme.multiplyPowerOfXAsync(&coeffCiphertexts[5], power: power2)
+
+        try Scheme.multiplyPowerOfX(&coeffCiphertexts[6], power: -power2)
+        try await Scheme.multiplyPowerOfXAsync(&coeffCiphertexts[7], power: -power2)
+
+        let expectedData1 = Array(testEnv.data1[degree - power1..<degree]
+            .map { $0.negateMod(modulus: plaintextModulus) } +
+            testEnv.data1[0..<degree - power1])
+
+        let expectedDataNeg1 = Array(testEnv.data1[power1..<degree] + testEnv.data1[0..<power1]
             .map { $0.negateMod(modulus: plaintextModulus) })
-        let expectedData2 = Array(testEnv.data1[(power2 - degree)..<degree]
+
+        let expectedData2 = Array(testEnv.data1[(2 * degree - power2)..<degree] +
+            testEnv.data1[0..<(2 * degree - power2)].map { $0.negateMod(modulus: plaintextModulus) })
+
+        let expectedDataNeg2 = Array(testEnv.data1[(power2 - degree)..<degree]
             .map { $0.negateMod(modulus: plaintextModulus) } + testEnv.data1[0..<(power2 - degree)])
 
-        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertext1, format: .coefficient, expected: expectedData1)
-        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertext2, format: .coefficient, expected: expectedData2)
-        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertext3, format: .coefficient, expected: expectedData1)
-        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertext4, format: .coefficient, expected: expectedData2)
+        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertexts[0], format: .coefficient, expected: expectedData1)
+        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertexts[1], format: .coefficient, expected: expectedData1)
+        try testEnv.checkDecryptsDecodes(
+            ciphertext: coeffCiphertexts[2],
+            format: .coefficient,
+            expected: expectedDataNeg1)
+        try testEnv.checkDecryptsDecodes(
+            ciphertext: coeffCiphertexts[3],
+            format: .coefficient,
+            expected: expectedDataNeg1)
+        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertexts[4], format: .coefficient, expected: expectedData2)
+        try testEnv.checkDecryptsDecodes(ciphertext: coeffCiphertexts[5], format: .coefficient, expected: expectedData2)
+        try testEnv.checkDecryptsDecodes(
+            ciphertext: coeffCiphertexts[6],
+            format: .coefficient,
+            expected: expectedDataNeg2)
+        try testEnv.checkDecryptsDecodes(
+            ciphertext: coeffCiphertexts[7],
+            format: .coefficient,
+            expected: expectedDataNeg2)
     }
 
     /// Testing ntt and intt on ciphertexts.

Tests/HomomorphicEncryptionTests/Array2dTests.swift

@@ -103,6 +103,34 @@ struct Array2dTests {
                 [8, 9, 10, 11, 12, 13, 14, 15])
     }
 
+    @Test
+    func rotateColumns() throws {
+        let data = (0..<12).map { UInt32($0) }
+        var array = Array2d(data: data, rowCount: 3, columnCount: 4)
+        try array.rotateColumns(by: 0)
+        #expect(array.data == data)
+
+        try array.rotateColumns(by: -1)
+        #expect(array.data == [1, 2, 3, 0, 5, 6, 7, 4, 9, 10, 11, 8])
+        try array.rotateColumns(by: 1)
+        #expect(array.data == data)
+
+        try array.rotateColumns(by: -2)
+        #expect(array.data == [2, 3, 0, 1, 6, 7, 4, 5, 10, 11, 8, 9])
+        try array.rotateColumns(by: 2)
+        #expect(array.data == data)
+
+        try array.rotateColumns(by: -3)
+        #expect(array.data == [3, 0, 1, 2, 7, 4, 5, 6, 11, 8, 9, 10])
+        try array.rotateColumns(by: 3)
+        #expect(array.data == data)
+
+        try array.rotateColumns(by: -5)
+        #expect(array.data == [1, 2, 3, 0, 5, 6, 7, 4, 9, 10, 11, 8])
+        try array.rotateColumns(by: 5)
+        #expect(array.data == data)
+    }
+
     @Test
     func resizeColumn() {
         var array = Array2d(data: [Int](0..<6), rowCount: 2, columnCount: 3)

Tests/HomomorphicEncryptionTests/HeAPITests.swift

@@ -201,7 +201,7 @@ struct HeAPITests {
             try bfvTestKeySwitching(context: context)
             try HeAPITestHelpers.noiseBudgetTest(context: context, scheme: Bfv<T>.self)
             try await HeAPITestHelpers.repeatedAdditionTest(context: context, scheme: Bfv<T>.self)
-            try await HeAPITestHelpers.multiplyInverseTest(context: context, scheme: Bfv<T>.self)
+            try await HeAPITestHelpers.multiplyPowerOfXTest(context: context, scheme: Bfv<T>.self)
             try await HeAPITestHelpers.schemeTestNtt(context: context, scheme: Bfv<T>.self)
             try await HeAPITestHelpers.schemeTestFormats(context: context, scheme: Bfv<T>.self)
         }